CVE-2023-40515
LG Simple Editor joinAddUser Improper Input Validation Denial-of-Service Vulnerability
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 7.5EPSS 1.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
03 mai 2024Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
LG Simple Editor joinAddUser Improper Input Validation Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the joinAddUser method. The issue results from improper input validation. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.
. Was ZDI-CAN-20048.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Produtos afetados
LG · Simple EditorQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →